This module covers Zero-Touch provisioning of an IAP using Arubas Cloud-based activation service “Activate” plus AirWave to automatically push configs to remote sites.Click here to learn more about Aruba’s wireless networking solutions
Securing Active Directory: Analyzing Group Membership
Part of securing Active Directory is ensuring that the groups that have privileges have the correct members. Of course, obtaining the members of a group is not all that hard.
Securing Active Directory: A Glimpse into the Future
As an MVP in Directory Services, I feel it is my job, duty, and responsibility to share, explain, and provide feedback into past, current, and future technologies that Microsoft provides with regards to Windows and Active Directory.
Active Directory Object LDAP Syntax
A typical day of an Active Directory administrator entails working within a tool, such as Active Directory Users and Computers ( ADUC ), Active Directory Sites and Services ( ADSS ), ADManager Plus, or ADAudit Plus. These tools mask the complexities that can be hidden behind most of the objects that you are working with.
2014 Security Year in Review
Whew! Thank goodness 2014 is over! Well, at least if you are considering the year’s security issues, attacks, leaks, and password issues . As a security and Windows Active Directory professional, I feel like I have earned the right and it is the appropriate time to say, “I told you so.” Let me put this into perspective, to prove my point. 2014 financial services firms – $20.8 million lost to breaches 2014 tech companies – $14.5 million lost to breaches 2014 communication providers – $12.7 million lost to breaches Ebay – 150 million user accounts compromised due to phishing attacks, users asked to change password immediately Home Depot – 56 million credit cards compromised US Post Office – 800,000 employees’ confidential data breached Unfortunately, there are many , many more that could be listed
Tracking Administrative Group Modifications
Security of elevated privileged access is becoming more and more important with every Active Directory installation. Attacks are going to happen and ensuring you know who has privileged access will help reduce the overall effectiveness of these attacks
AD Admins: Are you prepared for the worst?
One of Aesop’s greatest fables, titled ‘The Ant and the Grasshopper’, teaches us a priceless lesson for life – it is best to be prepared for the future. While the grasshopper makes merry dancing and singing during summer, the ant diligently stashes away every bit of food it can save
Active Directory Delegation: It Does Not Need to Be Hard!
One of the most important and powerful reasons that organizations consider Active Directory is the fact that delegation is built into the product. W indows NT did not have delegation, unless you want to call membership in the Account Operators group delegation! Windows Active Directory provides a simple method , using the Delegate Control Wizard, to grant a group of users granular control over all or even just a subset of your Active Directory objects. For example, if you have a help desk that should have the ability to reset passwords for all users except for those in IT, you can delegate this permission to the OU that contains the non-IT employees
Safely Delegating Password Reset Capability in Active Directory
I have been preaching for years about how powerful Active Directory is in the ability to delegate control over certain tasks and certain objects in Active Directory. One of the most obvious delegations is giving a one group of users the ability to reset passwords for a different group of users. There are a few issues using the Microsoft solution, and those issues can cause insecure settings, hard-to-report delegations, and access to AD that is hard to find and remove
Active Directory Computer Objects – ManageEngine ADManager Plus
This tutorial by Zoho Corp’s ManageEngine team explains the Active Directory Computer Objects, why they are required and also their attributes that establish their identity and also their uniqueness inside an Active Directory Domain.